Thursday, April 26, 2007 2:24 PM
cmosby
Adobe Photoshop Bitmap File Handling Buffer Overflow Vulnerability - Advisories - Secunia
Adobe Photoshop Bitmap File Handling Buffer Overflow Vulnerability
Secunia Advisory:
SA25023
Release Date:
2007-04-25
Critical:
Highly critical
Impact:
System access
Where:
From remote
Solution Status:
Unpatched
Software:
Adobe Photoshop CS2
Adobe Photoshop CS3
Description:
Marsu has reported a vulnerability in Adobe Photoshop, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error within the handling of Bitmap files (e.g. .BMP, .DIB, .RLE) and can be exploited to cause a stack-based buffer overflow via a specially crafted Bitmap file.
Successful exploitation allows execution of arbitrary code.
The vulnerability is reported in Adobe Photoshop CS2 and CS3. Other versions may also be affected.
Solution:
Do not open untrusted Bitmap files.
Provided and/or discovered by:
Marsu
Original Advisory:
http://milw0rm.com/exploits/3793
Source: Adobe Photoshop Bitmap File Handling Buffer Overflow Vulnerability - Advisories - Secunia
Filed under: Security and Anti-Virus, Patch Management, Internet Applications